resolve: Avoid dots in protocol part of interface names when using resolvconf

Newer releases of systemd contain a change that removes not the part
after the first dot but the part after the last when determining the
interface name (apparently some interface names actually contain a dot).

This changes the default prefix to only contain one dot and avoids the
dots added by IPv4 addresses to create a unique interface/protocol for
each DNS server (it also replaces the `:` in IPv6 addresses with
something that might cause less conflicts).

References strongswan/strongswan#1353

conf/plugins/resolve.opt

@@ -1,7 +1,7 @@
 charon.plugins.resolve.file = /etc/resolv.conf
 	File where to add DNS server entries if not using resolvconf(8).
 
-charon.plugins.resolve.resolvconf.iface_prefix = lo.inet.ipsec.
+charon.plugins.resolve.resolvconf.iface_prefix = lo.ipsec
 	Prefix used for interface names sent to resolvconf(8).
 
 	Prefix used for interface names sent to **resolvconf**(8). The nameserver

src/libcharon/plugins/resolve/resolve_handler.c

@@ -30,7 +30,7 @@
 #define RESOLVCONF_EXEC "/sbin/resolvconf"
 
 /* default prefix used for resolvconf interfaces (should have high prio) */
-#define RESOLVCONF_PREFIX "lo.inet.ipsec."
+#define RESOLVCONF_PREFIX "lo.ipsec"
 
 typedef struct private_resolve_handler_t private_resolve_handler_t;
 
@@ -191,13 +191,20 @@ static bool invoke_resolvconf(private_resolve_handler_t *this, host_t *addr,
 {
 	process_t *process;
 	FILE *shell;
+	char buf[BUF_LEN];
 	int in, out, retval;
 
+	if (snprintf(buf, sizeof(buf), "%H", addr) >= sizeof(buf))
+	{
+		return FALSE;
+	}
+	translate(buf, ".:", "__");
+
 	/* we use the nameserver's IP address as part of the interface name to
 	 * make them unique */
 	process = process_start_shell(NULL, install ? &in : NULL, &out, NULL,
-							"2>&1 %s %s %s%H", this->resolvconf,
+							"2>&1 %s %s %s%s", this->resolvconf,
-							install ? "-a" : "-d", this->iface_prefix, addr);
+							install ? "-a" : "-d", this->iface_prefix, buf);
 
 	if (!process)
 	{